Skip to content

Container Images

Container Images #8

Workflow file for this run

#
# Container Images
#
# This workflow builds all container images on every PR and Push that modifies
# relevant paths. It verifies that the images can be built successfully, and
# then possibly runs tests to verify their correct behavior.
#
# If triggered by the deploy-hooks, the built images will be pushed out to
# the configured registries.
#
name: "Container Images"
on:
pull_request:
paths:
- ".github/workflows/containers.yml"
- "lib/containers/**"
push:
branches-ignore: ["pr/**"]
tags: ["**"]
paths:
- ".github/workflows/containers.yml"
- "lib/containers/**"
workflow_dispatch:
inputs:
target:
description: "Container Target"
required: true
default: "all-images"
defaults:
run:
shell: "bash"
working-directory: "./lib/containers"
jobs:
#
# Configure Jobs
#
# This job prepares parameters for the further builds. Amongst other things,
# it list all targets and provides this output as JSON array to other
# jobs. This allows us to dynamically react to additions to the image list
# and create new jobs for each image.
#
# Note that we have to split image builds across jobs since the individual
# CI runners do not have enough disk capacity to build all images.
#
config:
name: "Job Configuration"
runs-on: ubuntu-latest
outputs:
deploy: ${{ steps.parameters.outputs.deploy }}
images: ${{ steps.parameters.outputs.images }}
now: ${{ steps.parameters.outputs.now }}
steps:
- name: "Clone Repository"
uses: actions/checkout@v3
- name: "Determine Build Parameters"
id: parameters
env:
CTX_GITHUB_EVENT_NAME: ${{ github.event_name }}
CTX_GITHUB_EVENT_INPUTS_TARGET: ${{ github.event.inputs.target }}
IMG_DEPLOY: no
IMG_TARGET: all-images
run: |
if [[ "${CTX_GITHUB_EVENT_NAME}" = "workflow_dispatch" ]] ; then
IMG_DEPLOY="yes"
IMG_TARGET=${CTX_GITHUB_EVENT_INPUTS_TARGET}
fi
echo "deploy=${IMG_DEPLOY}" >>$GITHUB_OUTPUT
echo "images=$(docker buildx bake --print "${IMG_TARGET}" | jq -ce ".target | keys")" >>$GITHUB_OUTPUT
echo "now=$(date -u '+%Y%m%d%H%M')" >>$GITHUB_OUTPUT
- name: "Print Parameters"
env:
CTX_STEPS_PARAMETERS_OUTPUTS_DEPLOY: ${{ steps.parameters.outputs.deploy }}
CTX_STEPS_PARAMETERS_OUTPUTS_IMAGES: ${{ steps.parameters.outputs.images }}
CTX_STEPS_PARAMETERS_OUTPUTS_NOW: ${{ steps.parameters.outputs.now }}
run: |
echo "Deploy: ${CTX_STEPS_PARAMETERS_OUTPUTS_DEPLOY}"
echo "Images:"
echo "${CTX_STEPS_PARAMETERS_OUTPUTS_IMAGES}" | jq .
echo "End of Images"
echo "Now: ${CTX_STEPS_PARAMETERS_OUTPUTS_NOW}"
#
# Build/Test Images
#
# This job is run for each image-target. It builds the image locally and then
# runs configured tests (if any).
#
ci:
name: "Image Build/Test"
runs-on: ubuntu-latest
needs: config
permissions:
packages: write
strategy:
fail-fast: false
matrix:
image: ${{ fromJson(needs.config.outputs.images) }}
env:
CAB_UNIQUEID: ${{ needs.config.outputs.now }}
steps:
- name: "Clone Repository"
uses: actions/checkout@v3
- name: "Prepare QEMU Emulators"
uses: docker/setup-qemu-action@v2
- name: "Prepare Docker Buildx"
id: buildx
uses: docker/setup-buildx-action@v2
- name: "Build Image"
env:
IMG_TARGET: ${{ matrix.image }}
run: docker buildx bake --load "${IMG_TARGET}"
- name: "Authenticate to GHCR"
if: ${{ needs.config.outputs.deploy == 'yes' }}
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: "Deploy Image"
if: ${{ needs.config.outputs.deploy == 'yes' }}
env:
IMG_TARGET: ${{ matrix.image }}
run: |
docker buildx bake --print "${IMG_TARGET}" | \
jq -cer '.target[].tags[] | select(test("^ghcr.io"))' | \
xargs -L1 -- docker push